/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.213 - (hide annotations) (download)
Sun Mar 30 18:17:25 2008 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.212: +5 -1 lines
Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are maintaining it).
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.213 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.212 2008/03/24 15:05:49 phreak Exp $
4    
5     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
6     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
7     maintaining it).
8 phreak 1.212
9     24 Mar 2008; Christian Heim <phreak@gentoo.org>
10     hardened-sources-2.4.35-r2.ebuild:
11     Fixing SRC_URI for 2.4.35-r2.
12 phreak 1.211
13     *hardened-sources-2.6.23-r9 (22 Mar 2008)
14    
15     22 Mar 2008; Christian Heim <phreak@gentoo.org>
16     +hardened-sources-2.6.23-r9.ebuild:
17     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
18     * Change the default GIDs for some grsecurity options
19     * Revamp the Hardened [Gentoo] security level and make it the default level
20     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
21     * Fix a recursive lock -- call to capable() within ptrace_attach()
22     * Fix bug that allows audit and iscsi operations to be controlled via netlink
23 solar 1.210
24     *hardened-sources-2.6.23-r8 (27 Feb 2008)
25    
26     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
27     - version bump from Kerin Millar bug 210026
28 solar 1.209
29     17 Feb 2008; <solar@gentoo.org> metadata.xml,
30     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
31     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
32     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
33     - stable on x86 and remove old ebuilds
34 solar 1.207
35     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
36 solar 1.208 - stable on amd64 per request of amd64 lead
37 solar 1.206
38     *hardened-sources-2.6.23-r7 (11 Feb 2008)
39    
40     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
41     - version bump from kerin.millar
42     Changes:
43    
44     * Bump to genpatches-base-2.6.23-9
45     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
46     * Disables COMPAT_VDSO in x86/defconfig
47     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
48 phreak 1.205
49     25 Jan 2008; Christian Heim <phreak@gentoo.org>
50     -hardened-sources-2.6.22-r8.ebuild:
51     Cleaning up old versions.
52 phreak 1.204
53     *hardened-sources-2.6.23-r6 (25 Jan 2008)
54    
55     25 Jan 2008; Christian Heim <phreak@gentoo.org>
56     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
57     Revision bump, pulling in the latest genpatches.
58 phreak 1.203
59     *hardened-sources-2.6.23-r5 (24 Dec 2007)
60    
61     24 Dec 2007; Christian Heim <phreak@gentoo.org>
62     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
63     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
64     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
65     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
66 phreak 1.202
67     24 Dec 2007; Christian Heim <phreak@gentoo.org>
68     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
69     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
70     -hardened-sources-2.6.23-r3.ebuild:
71     Cleaning out some unused, old versions.
72 phreak 1.201
73     24 Dec 2007; Christian Heim <phreak@gentoo.org>
74     hardened-sources-2.6.23-r4.ebuild:
75     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
76     in the tree for long, but there isn't much of a difference between this and
77     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
78 phreak 1.200
79     *hardened-sources-2.6.23-r4 (23 Dec 2007)
80    
81     23 Dec 2007; Christian Heim <phreak@gentoo.org>
82     +hardened-sources-2.6.23-r4.ebuild:
83     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
84 phreak 1.199
85     *hardened-sources-2.6.23-r3 (04 Dec 2007)
86    
87     04 Dec 2007; Christian Heim <phreak@gentoo.org>
88     +hardened-sources-2.6.23-r3.ebuild:
89     Revision bump, pulling in 2.6.23.9.
90 phreak 1.198
91     *hardened-sources-2.6.23-r2 (25 Nov 2007)
92    
93     25 Nov 2007; Christian Heim <phreak@gentoo.org>
94     +hardened-sources-2.6.23-r2.ebuild:
95     Updated patchset, thanks to solar.
96 phreak 1.197
97     *hardened-sources-2.6.23-r1 (31 Oct 2007)
98    
99     31 Oct 2007; Christian Heim <phreak@gentoo.org>
100     +hardened-sources-2.6.23-r1.ebuild:
101     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
102 solar 1.196
103     29 Oct 2007; <solar@gentoo.org> metadata.xml:
104     - update metadata.xml
105 phreak 1.195
106     25 Oct 2007; Christian Heim <phreak@gentoo.org>
107     hardened-sources-2.6.22-r8.ebuild:
108     Marking 2.6.22-r8 stable on amd64 and x86.
109 phreak 1.194
110     21 Oct 2007; Christian Heim <phreak@gentoo.org>
111     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
112     -hardened-sources-2.6.21-r4.ebuild:
113     Removing old ebuilds.
114 phreak 1.193
115     *hardened-sources-2.4.35-r2 (21 Oct 2007)
116    
117     21 Oct 2007; Christian Heim <phreak@gentoo.org>
118     +hardened-sources-2.4.35-r2.ebuild:
119     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
120     patches.
121 phreak 1.192
122     *hardened-sources-2.6.22-r8 (21 Oct 2007)
123    
124     21 Oct 2007; Christian Heim <phreak@gentoo.org>
125     +hardened-sources-2.6.22-r8.ebuild:
126     Yet another new patch, hopefully fixing the remaining issues we had w/
127     2.6.22. Candidate for stabling.
128 phreak 1.191
129     *hardened-sources-2.6.23 (13 Oct 2007)
130    
131     13 Oct 2007; Christian Heim <phreak@gentoo.org>
132     +hardened-sources-2.6.23.ebuild:
133     Initial hardened-sources-2.6.23. If people still have problems w/ bug
134     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
135 phreak 1.190
136     11 Oct 2007; Christian Heim <phreak@gentoo.org>
137     hardened-sources-2.6.20-r10.ebuild:
138     Pulling in yet another new genpatches version, fixing the PWC bug for real.
139 phreak 1.189
140     04 Oct 2007; Christian Heim <phreak@gentoo.org>
141     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
142     Removing old versions.
143 phreak 1.188
144     *hardened-sources-2.6.22-r7 (01 Oct 2007)
145    
146     01 Oct 2007; Christian Heim <phreak@gentoo.org>
147     +hardened-sources-2.6.22-r7.ebuild:
148     Revision bump, pulling in a newer patch. Should fix #194276.
149 phreak 1.187
150     30 Sep 2007; Christian Heim <phreak@gentoo.org>
151     hardened-sources-2.6.20-r10.ebuild:
152     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
153     Mike Doty).
154 phreak 1.186
155     *hardened-sources-2.6.22-r6 (26 Sep 2007)
156    
157     26 Sep 2007; Christian Heim <phreak@gentoo.org>
158     +hardened-sources-2.6.22-r6.ebuild:
159     Revision bump, grabbing up till Linux 2.6.22.9.
160 phreak 1.185
161     24 Sep 2007; Christian Heim <phreak@gentoo.org>
162     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
163     Cleaning up further.
164 phreak 1.184
165     *hardened-sources-2.6.20-r10 (24 Sep 2007)
166    
167     24 Sep 2007; Christian Heim <phreak@gentoo.org>
168     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
169     +hardened-sources-2.6.20-r10.ebuild:
170     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
171     revisions.
172 phreak 1.183
173     *hardened-sources-2.6.22-r5 (22 Sep 2007)
174    
175     22 Sep 2007; Christian Heim <phreak@gentoo.org>
176     +hardened-sources-2.6.22-r5.ebuild:
177     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
178 phreak 1.182
179     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
180     Removing johnm from metadata.xml (see #186467 for reference).
181 phreak 1.181
182     *hardened-sources-2.6.22-r4 (17 Sep 2007)
183    
184     17 Sep 2007; Christian Heim <phreak@gentoo.org>
185     +hardened-sources-2.6.22-r4.ebuild:
186     Revision bump, hopefully fixing all those weird PAX failures.
187 phreak 1.180
188     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
189     Updating the metadata.xml.
190 phreak 1.179
191     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
192     Removing tocharian from metadata due to his retirement (see #71718 for
193     reference).
194 phreak 1.178
195     *hardened-sources-2.6.20-r9 (30 Aug 2007)
196    
197     30 Aug 2007; Christian Heim <phreak@gentoo.org>
198     +hardened-sources-2.6.20-r9.ebuild:
199     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
200 phreak 1.177
201     29 Aug 2007; Christian Heim <phreak@gentoo.org>
202     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
203     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
204     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
205     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
206     -hardened-sources-2.6.22-r2.ebuild:
207     Removing some redundant versions.
208 phreak 1.176
209     *hardened-sources-2.4.35-r1 (29 Aug 2007)
210    
211     29 Aug 2007; Christian Heim <phreak@gentoo.org>
212     +hardened-sources-2.4.35-r1.ebuild:
213     Revision bump, new grsecurity patch.
214 phreak 1.175
215     *hardened-sources-2.6.20-r8 (26 Aug 2007)
216    
217     26 Aug 2007; Christian Heim <phreak@gentoo.org>
218     +hardened-sources-2.6.20-r8.ebuild:
219     Revision bump for Linux 2.6.20.17.
220 phreak 1.174
221     *hardened-sources-2.6.22-r3 (22 Aug 2007)
222    
223     22 Aug 2007; Christian Heim <phreak@gentoo.org>
224     +hardened-sources-2.6.22-r3.ebuild:
225     Revision bump for Linux 2.6.22.4.
226 phreak 1.173
227     16 Aug 2007; Christian Heim <phreak@gentoo.org>
228     hardened-sources-2.6.22-r2.ebuild:
229     Updated patchset, to fix the alignment against 2.6.22.3.
230 phreak 1.172
231     *hardened-sources-2.6.22-r2 (16 Aug 2007)
232    
233     16 Aug 2007; Christian Heim <phreak@gentoo.org>
234     +hardened-sources-2.6.22-r2.ebuild:
235     Revision bump for Linux 2.6.22.3.
236 phreak 1.171
237     *hardened-sources-2.4.35 (16 Aug 2007)
238    
239     16 Aug 2007; Christian Heim <phreak@gentoo.org>
240     +hardened-sources-2.4.35.ebuild:
241     Version bump, initial version for Linux 2.4.35.
242 phreak 1.170
243     *hardened-sources-2.6.21-r4 (16 Aug 2007)
244    
245     16 Aug 2007; Christian Heim <phreak@gentoo.org>
246     +hardened-sources-2.6.21-r4.ebuild:
247     Revision bump for Linux 2.6.21.6.
248 phreak 1.169
249     *hardened-sources-2.6.20-r7 (16 Aug 2007)
250    
251     16 Aug 2007; Christian Heim <phreak@gentoo.org>
252     +hardened-sources-2.6.20-r7.ebuild:
253     Revision bump for Linux 2.6.20.16.
254 phreak 1.168
255     *hardened-sources-2.6.22-r1 (13 Aug 2007)
256    
257     13 Aug 2007; Christian Heim <phreak@gentoo.org>
258     +hardened-sources-2.6.22-r1.ebuild:
259     Yet another revision bump.
260 phreak 1.167
261     *hardened-sources-2.6.22 (10 Aug 2007)
262    
263     10 Aug 2007; Christian Heim <phreak@gentoo.org>
264     +hardened-sources-2.6.22.ebuild:
265     Initial release for 2.6.22. If you are using hardened-sources on a desktop
266     machine (P4 or newer), be aware you might need to disable
267     CONFIG_PAX_PAGEEXEC.
268 phreak 1.166
269     04 Aug 2007; Christian Heim <phreak@gentoo.org>
270     hardened-sources-2.6.20-r6.ebuild:
271     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
272     2.6.20.15.
273 phreak 1.165
274     10 Jul 2007; Christian Heim <phreak@gentoo.org>
275     hardened-sources-2.6.20-r5.ebuild:
276     Marking hardened-sources-2.6.20-r5 stable on ppc.
277 phreak 1.164
278     10 Jul 2007; Christian Heim <phreak@gentoo.org>
279     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
280     Cleanup.
281 phreak 1.163
282     *hardened-sources-2.6.20-r6 (08 Jul 2007)
283    
284     08 Jul 2007; Christian Heim <phreak@gentoo.org>
285     +hardened-sources-2.6.20-r6.ebuild:
286     Revision bump, grabbing yet another stable release.
287 phreak 1.162
288     17 Jun 2007; Christian Heim <phreak@gentoo.org>
289     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
290     -hardened-sources-2.6.21-r2.ebuild:
291     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
292     alpha stable KEYWORD by mistake.
293 phreak 1.161
294     17 Jun 2007; Christian Heim <phreak@gentoo.org>
295     hardened-sources-2.6.20-r5.ebuild:
296     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
297     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
298 phreak 1.160
299     *hardened-sources-2.6.21-r3 (12 Jun 2007)
300    
301     12 Jun 2007; Christian Heim <phreak@gentoo.org>
302     +hardened-sources-2.6.21-r3.ebuild:
303     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
304     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
305     love.
306 phreak 1.159
307     *hardened-sources-2.6.20-r5 (11 Jun 2007)
308    
309     11 Jun 2007; Christian Heim <phreak@gentoo.org>
310     +hardened-sources-2.6.20-r5.ebuild:
311     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
312     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
313     love.
314 pappy 1.158
315     *hardened-sources-2.4.34.5 (11 Jun 2007)
316    
317     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
318     +hardened-sources-2.4.34.5.ebuild:
319     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
320 phreak 1.157
321     30 May 2007; Christian Heim <phreak@gentoo.org>
322     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
323     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
324     stale ebuild(s).
325 phreak 1.156
326     30 May 2007; Christian Heim <phreak@gentoo.org>
327     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
328     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
329     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
330     Doing some cleanups, remove stale ebuilds.
331 phreak 1.155
332     26 May 2007; Christian Heim <phreak@gentoo.org>
333     hardened-sources-2.6.21-r2.ebuild:
334     Fixing the grsecurity patch, had one '};' too much.
335 phreak 1.154
336     *hardened-sources-2.6.21-r2 (26 May 2007)
337    
338     26 May 2007; Christian Heim <phreak@gentoo.org>
339     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
340     +hardened-sources-2.6.21-r2.ebuild:
341     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
342     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
343 phreak 1.153
344     *hardened-sources-2.6.20-r4 (26 May 2007)
345    
346     26 May 2007; Christian Heim <phreak@gentoo.org>
347     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
348     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
349 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
350 phreak 1.152
351     15 May 2007; Christian Heim <phreak@gentoo.org>
352     hardened-sources-2.6.20-r3.ebuild:
353     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
354     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
355     grsecurity patch fail in that exact same hunk.
356 phreak 1.151
357     *hardened-sources-2.6.20-r3 (15 May 2007)
358    
359     15 May 2007; Christian Heim <phreak@gentoo.org>
360     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
361     Revision bump, incorporating Linux 2.6.20.11.
362    
363     *hardened-sources-2.6.21-r1 (11 May 2007)
364    
365     11 May 2007; Christian Heim <phreak@gentoo.org>
366     +hardened-sources-2.6.21-r1.ebuild:
367     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
368     mentioned in #177234.
369 kevquinn 1.150
370     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
371     files/digest-hardened-sources-2.6.21, Manifest:
372     Fix Manifest/digest for linux-2.6.21.tar.bz2
373 phreak 1.149
374     06 May 2007; Christian Heim <phreak@gentoo.org>
375     hardened-sources-2.6.21.ebuild:
376     Bumping the hardened-patches version, needed for the fix for #177234.
377 phreak 1.148
378     *hardened-sources-2.6.21 (02 May 2007)
379    
380     02 May 2007; Christian Heim <phreak@gentoo.org>
381     +hardened-sources-2.6.21.ebuild:
382     Version bump, Linux 2.6.21-hardened.
383 phreak 1.147
384     29 Apr 2007; Christian Heim <phreak@gentoo.org>
385     hardened-sources-2.6.20-r2.ebuild:
386     Adding ~ia64 on Ned's request.
387 phreak 1.146
388     29 Apr 2007; Christian Heim <phreak@gentoo.org>
389     hardened-sources-2.6.20-r2.ebuild:
390     Fixing the included grsecurity patch, wasn't alligning due to the Index:
391     header line(s).
392 phreak 1.145
393     29 Apr 2007; Christian Heim <phreak@gentoo.org>
394     hardened-sources-2.6.20-r2.ebuild:
395     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
396 armin76 1.144
397     *hardened-sources-2.6.20-r2 (10 Apr 2007)
398    
399     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
400     +hardened-sources-2.6.20-r2.ebuild:
401     Version bump, on behalf of phreak
402 phreak 1.143
403     *hardened-sources-2.6.20-r1 (04 Apr 2007)
404    
405     04 Apr 2007; Christian Heim <phreak@gentoo.org>
406     +hardened-sources-2.6.20-r1.ebuild:
407     Revision bump, grabbing a newer grsecurity snapshot.
408 phreak 1.142
409     *hardened-sources-2.6.20 (25 Mar 2007)
410    
411     25 Mar 2007; Christian Heim <phreak@gentoo.org>
412     +hardened-sources-2.6.20.ebuild:
413     Finally a hardened-sources version for 2.6.20; many people have been waiting
414     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
415     testbox.
416 chainsaw 1.141
417     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
418     hardened-sources-2.6.18-r6.ebuild:
419     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
420 phreak 1.140
421     *hardened-sources-2.6.18-r6 (16 Mar 2007)
422    
423     16 Mar 2007; Christian Heim <phreak@gentoo.org>
424     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
425     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
426     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
427     supposed to be.
428 phreak 1.139
429     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
430     Fixing the Manifest, the previous one was broken (as in still had the
431     deleted ebuild in it).
432 phreak 1.138
433     06 Mar 2007; Christian Heim <phreak@gentoo.org>
434     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
435     +hardened-sources-2.6.18-r5.ebuild:
436     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
437     Linux 2.6.18.8. Also cleaning up the older version.
438    
439     *hardened-sources-2.6.18-r5 (06 Mar 2007)
440    
441     06 Mar 2007; Christian Heim <phreak@gentoo.org>
442     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
443     +hardened-sources-2.6.18-r5.ebuild:
444     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
445     Linux 2.6.18.8. Also cleaning up the older version.
446 phreak 1.137
447     24 Feb 2007; Christian Heim <phreak@gentoo.org>
448     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
449     -hardened-sources-2.6.19-r5.ebuild:
450     Removing some of the old version, that didn't work.
451 phreak 1.136
452     *hardened-sources-2.6.19-r6 (12 Feb 2007)
453    
454     12 Feb 2007; Christian Heim <phreak@gentoo.org>
455     +hardened-sources-2.6.19-r6.ebuild:
456     Revision bump, including a new grsec version fixing #166235.
457 pappy 1.134
458     *hardened-sources-2.4.34 (24 Jan 2007)
459    
460     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
461 pappy 1.135 Manifest:
462     updating Manifest with checksums of new tarball and ebuild
463    
464     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
465 pappy 1.134 +hardened-sources-2.4.34.ebuild:
466     I added new hardened sources 2.4 update, this is a critical path
467     security bugfix - all users of h-s are strongly advised
468     to update their existing hardened sources to this version.
469     It contains a fix for a kernel vulnerability that is pertaining
470     to the PaX changes to virtual memory management, possibly leading
471     to a local kernel exploit ... see grsecurity.net forums and homepage
472 phreak 1.133
473     23 Jan 2007; Christian Heim <phreak@gentoo.org>
474     files/digest-hardened-sources-2.6.19-r5, Manifest:
475     Fixing the patch-tarball digest.
476 phreak 1.132
477     *hardened-sources-2.6.19-r5 (23 Jan 2007)
478    
479     23 Jan 2007; Christian Heim <phreak@gentoo.org>
480     +hardened-sources-2.6.19-r5.ebuild:
481     Revision bump, closing the recently discovered PaX expand_stack()
482     vulnerability.
483 phreak 1.131
484     *hardened-sources-2.6.19-r4 (14 Jan 2007)
485    
486     14 Jan 2007; Christian Heim <phreak@gentoo.org>
487     +hardened-sources-2.6.19-r4.ebuild:
488     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
489     dropping the randomized PID feature.
490 opfer 1.130
491     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
492     hardened-sources-2.4.33.4.ebuild:
493     stable x86, bug #161171
494 phreak 1.129
495     *hardened-sources-2.6.19-r3 (27 Dec 2006)
496    
497     27 Dec 2006; Christian Heim <phreak@gentoo.org>
498     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
499     Revision bump for bug #157186 and #158786.
500 phreak 1.128
501     *hardened-sources-2.6.18-r4 (27 Dec 2006)
502    
503     27 Dec 2006; Christian Heim <phreak@gentoo.org>
504     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
505     Revision bump for bug #157186.
506 phreak 1.127
507     *hardened-sources-2.6.19-r2 (23 Dec 2006)
508    
509     23 Dec 2006; Christian Heim <phreak@gentoo.org>
510     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
511     Revision bump to pull in genpatches-2.6.19-3 for #157186.
512 phreak 1.126
513     17 Dec 2006; Christian Heim <phreak@gentoo.org>
514     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
515     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
516     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
517     hardened-sources-2.6.19-r1.ebuild:
518     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
519     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
520 pappy 1.125
521     *hardened-sources-2.4.33.4 (17 Dec 2006)
522    
523     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
524     +hardened-sources-2.4.33.4.ebuild:
525     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
526     and quilting
527 phreak 1.124
528     *hardened-sources-2.6.19-r1 (14 Dec 2006)
529    
530     14 Dec 2006; Christian Heim <phreak@gentoo.org>
531     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
532     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
533     for reporting).
534 phreak 1.123
535     *hardened-sources-2.6.19 (13 Dec 2006)
536    
537     13 Dec 2006; Christian Heim <phreak@gentoo.org>
538     +hardened-sources-2.6.19.ebuild:
539     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
540     Brad for providing that prompt update.
541 phreak 1.122
542     *hardened-sources-2.6.18-r3 (13 Dec 2006)
543    
544     13 Dec 2006; Christian Heim <phreak@gentoo.org>
545     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
546     +hardened-sources-2.6.18-r3.ebuild:
547     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
548     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
549 phreak 1.121
550     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
551     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
552 nixnut 1.120
553     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
554     Stable on ppc wrt bug 157356
555 opfer 1.119
556     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
557     hardened-sources-2.6.18.ebuild:
558     stable x86, bug #157356
559 phreak 1.118
560     *hardened-sources-2.6.18-r2 (06 Dec 2006)
561    
562     06 Dec 2006; Christian Heim <phreak@gentoo.org>
563     +hardened-sources-2.6.18-r2.ebuild:
564     Revision bump, including 2.6.18.5 (via genpatches) and
565     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
566     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
567     redesign.
568 phreak 1.117
569     06 Dec 2006; Christian Heim <phreak@gentoo.org>
570     hardened-sources-2.6.18.ebuild:
571     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
572     of Mike Doty).
573 phreak 1.116
574     *hardened-sources-2.6.18-r1 (23 Nov 2006)
575    
576     23 Nov 2006; Christian Heim <phreak@gentoo.org>
577     +hardened-sources-2.6.18-r1.ebuild:
578     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
579 phreak 1.115
580     *hardened-sources-2.6.18 (11 Nov 2006)
581    
582     11 Nov 2006; Christian Heim <phreak@gentoo.org>
583     +hardened-sources-2.6.18.ebuild:
584     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
585 solar 1.114
586     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
587     - mark amd64 stable also. bug #151877
588 solar 1.113
589     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
590     - mark 2.6.17-r1 stable
591 phreak 1.112
592     27 Aug 2006; Christian Heim <phreak@gentoo.org>
593     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
594     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
595 phreak 1.111
596     *hardened-sources-2.6.17-r1 (26 Aug 2006)
597    
598     26 Aug 2006; Christian Heim <phreak@gentoo.org>
599     +hardened-sources-2.6.17-r1.ebuild:
600     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
601     grsecurity patch.
602 phreak 1.110
603     *hardened-sources-2.6.17 (17 Aug 2006)
604    
605     17 Aug 2006; Christian Heim <phreak@gentoo.org>
606     +hardened-sources-2.6.17.ebuild:
607     Bumping the hardened-sources-2.6 series to 2.6.17, using
608     genpatches-2.6.17-6.base.
609 solar 1.109
610     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
611     - stable on x86 and amd64
612 solar 1.108
613     *hardened-sources-2.6.16-r11 (15 Jul 2006)
614    
615     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
616     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
617     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
618     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
619     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
620     crusty ebuilds
621 johnm 1.107
622     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
623     hardened-sources-2.6.16-r10.ebuild:
624     marking stable on x86 and amd64
625 solar 1.106
626     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
627     - 2.4.32-r6 stable on x86. RSBAC state unknown
628 kang 1.105
629     *hardened-sources-2.4.32-r7 (10 Jul 2006)
630    
631     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
632     +hardened-sources-2.4.32-r7.ebuild:
633     Bump PaX for RSBAC to test-17
634 johnm 1.104
635     *hardened-sources-2.6.16-r9 (03 Jul 2006)
636    
637     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
638     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
639     hardened-sources-2.6.16 bump to latest -base.
640 solar 1.103
641     *hardened-sources-2.4.32-r6 (30 Jun 2006)
642    
643     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
644     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
645     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
646     sysctl controlable resource logging
647 johnm 1.102
648     *hardened-sources-2.6.16-r7 (05 Jun 2006)
649    
650     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
651     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
652     push new 2.6.16 release in preparation for stable
653 solar 1.101
654     22 May 2006; <solar@gentoo.org> :
655     - redigest bug 134002
656 kang 1.100
657     *hardened-sources-2.4.32-r5 (16 May 2006)
658    
659     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
660     +hardened-sources-2.4.32-r5.ebuild:
661     Fixes rsbac common patching (new patch in new -r5 patchset)
662 solar 1.99
663     *hardened-sources-2.4.32-r4 (13 May 2006)
664    
665     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
666     +hardened-sources-2.4.32-r4.ebuild:
667     - security bumps
668 johnm 1.98
669     *hardened-sources-2.6.16-r6 (03 May 2006)
670    
671     03 May 2006; John Mylchreest <johnm@gentoo.org>
672     +hardened-sources-2.6.16-r6.ebuild:
673     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
674 johnm 1.97
675     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
676     hardened-sources-2.6.14-r8.ebuild:
677     fix x86_64 build problem, this will delay the digest issue again for a short
678     while but it will sort itself out
679 johnm 1.96
680     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
681     hardened-sources-2.6.14-r8.ebuild:
682     bump hardened patchset
683 antarus 1.94
684     27 Apr 2006; Alec Warner <antarus@gentoo.org>
685     files/digest-hardened-sources-2.4.32-r2,
686     files/digest-hardened-sources-2.4.32-r3,
687     files/digest-hardened-sources-2.6.14-r8, Manifest:
688     Fixing duff SHA256 digests: Bug # 131293
689 johnm 1.93
690 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
691    
692     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
693     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
694     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
695     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
696     cleanup of old uneccessary sources
697    
698 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
699     fix digest
700 johnm 1.92
701     *hardened-sources-2.6.14-r8 (20 Apr 2006)
702    
703     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
704     +hardened-sources-2.6.14-r8.ebuild:
705     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
706 johnm 1.91
707     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
708     Turning on gpg-signing again, and recomitting
709 johnm 1.90
710     *hardened-sources-2.6.16-r4 (20 Apr 2006)
711    
712     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
713     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
714     +hardened-sources-2.6.16-r4.ebuild:
715     Fix numerous security vulns
716 solar 1.89
717     *hardened-sources-2.4.32-r3 (16 Apr 2006)
718    
719     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
720     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
721     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
722     - security bump for bug #112791. Removed old ebuilds
723 johnm 1.88
724     *hardened-sources-2.6.16-r3 (15 Apr 2006)
725    
726     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
727     +hardened-sources-2.6.16-r3.ebuild:
728     Removing silly localversion which I missed
729 johnm 1.87
730     *hardened-sources-2.6.14-r7 (14 Apr 2006)
731    
732     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
733     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
734     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
735 johnm 1.86
736     *hardened-sources-2.6.16-r2 (13 Apr 2006)
737    
738     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
739     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
740     +hardened-sources-2.6.16-r2.ebuild:
741     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
742     labels, dropping USERGROUP define fixes, since these were merged mainstream.
743 johnm 1.85
744     *hardened-sources-2.6.16-r1 (11 Apr 2006)
745    
746     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
747     +hardened-sources-2.6.16-r1.ebuild:
748     Bumping to include ppc build fix and 2.6.16.3
749 tsunam 1.84
750     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
751     hardened-sources-2.6.14-r6.ebuild:
752     Stable on x86; bug #127718
753 johnm 1.83
754     *hardened-sources-2.6.16 (31 Mar 2006)
755    
756     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
757     +hardened-sources-2.6.16.ebuild:
758     Bumping to new version of grsec, and kernel base. New squashfs. Based on
759     2.6.16.1
760 cryos 1.82
761     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
762     hardened-sources-2.6.14-r6.ebuild:
763     Stable on amd64, bug 127718.
764 nixnut 1.81
765     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
766     Stable on ppc. Bug #127718
767 johnm 1.80
768     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
769     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
770     -hardened-sources-2.6.14-r4.ebuild:
771     Cleanup.
772 johnm 1.79
773     *hardened-sources-2.6.14-r6 (15 Mar 2006)
774    
775     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
776     +hardened-sources-2.6.14-r6.ebuild:
777     Fixes grsec policy recreation bug and adds a
778     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
779 solar 1.78
780     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
781     - stable on x86
782 hansmi 1.77
783     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
784     hardened-sources-2.6.14-r5.ebuild:
785     Stable on ppc.
786 johnm 1.76
787     *hardened-sources-2.6.14-r5 (01 Feb 2006)
788    
789     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
790     +hardened-sources-2.6.14-r5.ebuild:
791     fixing every known exploit
792 solar 1.75
793     *hardened-sources-2.4.32-r2 (26 Jan 2006)
794    
795     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
796     +hardened-sources-2.4.32-r2.ebuild:
797     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
798 solar 1.74
799     *hardened-sources-2.6.14-r4 (12 Jan 2006)
800    
801     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
802     - version bump for new genpatches which fix up a few sec holes
803 solar 1.73
804     *hardened-sources-2.4.32-r1 (05 Jan 2006)
805    
806     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
807     - revision bump to add misc vital linux kernel security patches.
808 johnm 1.72
809     *hardened-sources-2.6.14-r3 (30 Dec 2005)
810    
811     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
812     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
813     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
814 johnm 1.71
815     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
816     hardened-sources-2.6.14-r2.ebuild:
817     making x86 & amd64 stable following testing.
818 johnm 1.70
819     *hardened-sources-2.6.14-r2 (27 Dec 2005)
820    
821     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
822     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
823     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
824     network hooks.
825 johnm 1.69
826     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
827     hardened-sources-2.6.14-r1.ebuild:
828     bumping to stable early for sec fix on x86 & amd64
829 johnm 1.68
830     *hardened-sources-2.6.14-r1 (05 Dec 2005)
831    
832     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
833     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
834     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
835 solar 1.67
836     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
837     - stable on x86 security bug #114227 CAN-2005-3257
838 kang 1.66
839     *hardened-sources-2.4.32 (19 Nov 2005)
840    
841     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
842     +hardened-sources-2.4.32.ebuild:
843     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
844     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
845     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
846     rsbac >> /etc/portage/package.use)
847 johnm 1.65
848     *hardened-sources-2.6.14 (14 Nov 2005)
849    
850     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
851     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
852     Bumping 2.6 series to 2.6.14.2
853 johnm 1.64
854     *hardened-sources-2.6.13-r2 (20 Oct 2005)
855    
856     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
857     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
858     +hardened-sources-2.6.13-r2.ebuild:
859     Fixes minor build error in ppc.
860 johnm 1.63
861     *hardened-sources-2.6.13-r1 (17 Oct 2005)
862    
863     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
864     +hardened-sources-2.6.13-r1.ebuild:
865     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
866     2.6.13.4, fixes some major amd64 stability problems.
867 johnm 1.62
868     *hardened-sources-2.6.13 (16 Sep 2005)
869    
870     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
871     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
872     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
873     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
874     users should test this thoroughly.
875 solar 1.61
876     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
877     - stable on x86
878 johnm 1.60
879     *hardened-sources-2.6.11-r15 (27 Jun 2005)
880    
881     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
882     +hardened-sources-2.6.11-r15.ebuild:
883     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
884     grsec redefining curr_ip struct.
885 solar 1.59
886     *hardened-sources-2.4.31 (20 Jun 2005)
887    
888     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
889     initial import of 2.4.31 tree
890 johnm 1.58
891     *hardened-sources-2.6.11-r14 (14 Jun 2005)
892    
893     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
894     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
895     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
896     naming scheme to abide by genpatches
897 johnm 1.57
898     *hardened-sources-2.6.11-r13 (18 May 2005)
899    
900     18 May 2005; John Mylchreest <johnm@gentoo.org>
901     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
902     Managed to mangle the Makefile patch from grsec, to miss out the grsec
903     target. sorry about that. Fixes bug #93022
904 johnm 1.56
905     *hardened-sources-2.6.11-r12 (17 May 2005)
906    
907     17 May 2005; John Mylchreest <johnm@gentoo.org>
908     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
909     +hardened-sources-2.6.11-r12.ebuild:
910     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
911     merges in genpatches-base
912 johnm 1.55
913     *hardened-sources-2.6.11-r12 (17 May 2005)
914    
915     17 May 2005; John Mylchreest <johnm@gentoo.org>
916     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
917     +hardened-sources-2.6.11-r12.ebuild:
918     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
919     merges in genpatches-base
920 solar 1.54
921     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
922     -files/2.4.27-cmdline-race.patch,
923     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
924     -files/2.4.28-grsec-binfmt_a.out.patch,
925     -files/2.4.28-grsec-cmdline-race.patch,
926     -files/2.4.28-selinux-binfmt_a.out.patch,
927     -files/2.4.28-selinux-cmdline-race.patch,
928     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
929     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
930     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
931     cleanup..
932 solar 1.53
933     *hardened-sources-2.4.30-r1 (21 Apr 2005)
934    
935     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
936     - disable aout by default
937 solar 1.52
938     *hardened-sources-2.4.30 (18 Apr 2005)
939    
940     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
941     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
942     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
943     use
944 tocharian 1.50
945 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
946    
947     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
948     +hardened-sources-2.4.29.ebuild:
949     New hardened-patches-2.4-29.0 patchball.
950     Removed SELinux support, upgraded GRSecurity to 2.1.4.
951    
952     *hardened-sources-2.4.28-r5 (06 Mar 2005)
953    
954     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
955     +hardened-sources-2.4.28-r5.ebuild:
956     Added a fix for a PaX vulnerability.
957    
958     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
959 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
960     Stable on x86
961 solar 1.49
962     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
963     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
964     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
965     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
966     - fixed/added RDEPEND= in all kernel-2 ebuilds
967 tocharian 1.48
968     *hardened-sources-2.4.28-r4 (21 Jan 2005)
969    
970     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
971     +hardened-sources-2.4.28-r4.ebuild:
972     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
973     backport of neighbour hash updates.
974 tocharian 1.47
975     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
976     hardened-sources-2.4.28-r3.ebuild:
977     Stable on x86
978 tseng 1.46
979     *hardened-sources-2.6.10-r3 (20 Jan 2005)
980    
981     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
982     +hardened-sources-2.6.10-r3.ebuild:
983     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
984     in 2005.0
985 tocharian 1.45
986     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
987     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
988     hardened-sources-2.4.28-r2.ebuild:
989     Mark stable on x86
990 tocharian 1.44
991     *hardened-sources-2.4.28-r3 (17 Jan 2005)
992    
993     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
994     +hardened-sources-2.4.28-r3.ebuild:
995     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
996 tocharian 1.43
997     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
998     hardened-sources-2.4.28.ebuild:
999     Mark stable on x86.
1000 tocharian 1.42
1001     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1002    
1003     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1004     +hardened-sources-2.4.28-r2.ebuild:
1005     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1006     Mazinger for grsecurity patches as well.
1007 plasmaroo 1.41
1008     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1009    
1010     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1011     Security bump. Thank tocharian for rolling a new patchset...
1012 solar 1.40
1013     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1014     +files/2.4.28-grsec-cmdline-race.patch,
1015     +files/2.4.28-selinux-binfmt_a.out.patch,
1016     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1017     - Round up remaining security patches that appear to be missing in 2.4.28. -
1018     PaX standalone updated to current. hgpv=28.1
1019 solar 1.39
1020     *hardened-sources-2.4.28 (28 Nov 2004)
1021    
1022     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1023     security bump. Thank tocharian for rolling a new patchset
1024 scox 1.31
1025 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1026    
1027     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1028     +hardened-sources-2.4.27-r3.ebuild:
1029     Applies the new 2.4-27.2 patchball which updates
1030     GRSecurity to the 2.0.1 version.
1031    
1032 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1033    
1034     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1035     +hardened-sources-2.4.27-r2.ebuild:
1036     Version bump.
1037     This version uses the new 2.4-27.1 patchball which updates
1038     both the SELinux PaX hooks patch and the SELinux headers.
1039    
1040 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1041    
1042     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1043     +hardened-sources-2.4.27-r1.ebuild,
1044     -hardened-sources-2.4.27.ebuild,
1045     +files/2.4.27-cmdline-race.patch:
1046     Version bump, fix for cmdline race. See bug #59905.
1047    
1048     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1049    
1050     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1051     +hardened-sources-2.4.26-r6.ebuild,
1052     -hardened-sources-2.4.26-r5.ebuild,
1053     -hardened-sources-2.4.26-r4.ebuild,
1054     +files/2.4.26-cmdline-race.patch:
1055     Version bump, fix for cmdline race. See bug #59905.
1056    
1057 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1058    
1059     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1060     +hardened-sources-2.4.27.ebuild,
1061     +files/2.4.27-CAN-2004-0394.patch:
1062     Ported the patchball to the 2.4.27 kernel version.
1063    
1064 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1065    
1066     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1067     +hardened-sources-2.4.26-r5.ebuild:
1068 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1069 scox 1.34 It adds the following features:
1070     - Squashfs
1071     - Ebtables
1072     - Netdev random (core+drivers)
1073     - Watchdog Timer (WDT) fix.
1074    
1075 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1076    
1077     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1078     +hardened-sources-2.4.26-r4.ebuild,
1079     +files/2.4.26-CAN-2004-0415.patch,
1080     -hardened-sources-2.4.26-3:
1081     Version bump, fix for CAN 0415, see bug #59378.
1082    
1083 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1084    
1085     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1086     +hardened-sources-2.4.26-r3.ebuild,
1087     +files/2.4.26-CAN-2004-0497.patch,
1088     -hardened-sources-2.4.26-r2.ebuild:
1089     Version bump, fixed CAN 0497, see bug #56171.
1090    
1091 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1092    
1093     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1094 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1095 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1096     +files/2.4.26-CAN-2004-0535.patch,
1097     -hardened-sources-2.4.26-r1.ebuild:
1098     Fixes for both CAN 0495 and 0535, see bug #54976
1099 pvdabeel 1.27
1100 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1101     hardened-sources-2.4.26-r1.ebuild:
1102     QA - fix use invocation
1103 scox 1.28
1104     *hardened-sources-2.4.26-r1 (22 June 2004)
1105    
1106     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1107     +hardened-sources-2.4.26-r1.ebuild,
1108     +files/2.4.26-CAN-2004-0394.patch,
1109     +files/2.4.26-signal-race.patch,
1110     -hardened-sources-2.4.26.ebuild,
1111     -hardened-sources-2.4.24-r3.ebuild:
1112     Version bump for the CAN-2004-0394 issue and bug #53804
1113     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1114    
1115    
1116 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1117     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1118     Masked hardened-sources-2.4.26.ebuild broken for ppc
1119    
1120     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1121     hardened-sources-2.4.24-r3.ebuild:
1122     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1123 plasmaroo 1.25
1124 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1125    
1126     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1127     +hardened-sources-2.4.26.ebuild:
1128     Updated hardened-sources for the 2.4.26 kernel
1129     Removed broken components, updated almost everything.
1130    
1131 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1132    
1133     17 Apr 2004; <plasmaroo@gentoo.org>
1134     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1135     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1136     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1137     +hardened-sources-2.4.24-r3.ebuild:
1138     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1139     vulnerabilities. Old revisions removed.
1140 plasmaroo 1.24
1141     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1142    
1143     15 Apr 2004; <plasmaroo@gentoo.org>
1144     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1145     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1146     Version bump for the CAN-2004-0109 issue; bug #47881.
1147 aliz 1.23
1148     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1149     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1150     Add eutils to inherit.
1151 plasmaroo 1.22
1152     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1153    
1154     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1155     files/hardened-sources-2.4.24.munmap.patch:
1156     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1157 scox 1.19
1158 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1159 scox 1.26
1160 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1161     hardened-sources-2.4.24.ebuild:
1162     Version bump, updated most of the components.
1163     This release includes the following:
1164    
1165     - Hardened security
1166     - Netfilter patch-o-matic 20031219
1167     - FreeSWAN 2.04 & x509 1.4.8
1168     - EVMS 2.2.2
1169     - XFS 1.3.1
1170     - cryptoloop jari
1171     - grsecurity 2.0-rc4
1172     - SELinux
1173     - PaX 200402060000
1174     - PaX Obscurity 200308302223
1175     - Others...
1176    
1177     Neither -ck nor systrace are included anymore.
1178    
1179 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1180    
1181     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1182     hardened-sources-2.4.22-r2.ebuild:
1183 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1184 scox 1.19
1185     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1186 iggy 1.17
1187     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1188 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1189 iggy 1.16
1190     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1191 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1192     Version bump for the 'do_brk' vulnerability.
1193 iggy 1.15
1194     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1195     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1196     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1197     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1198 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1199 frogger 1.14
1200     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1201     hardened-sources-2.4.22.ebuild:
1202 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1203     components. These are no longer handled in the kernel
1204     so this code was not necessary.
1205 frogger 1.13
1206     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1207     New 2.4.22 based hardened-sources thanks to
1208     Phil West <p.west@computer.org>.
1209    
1210     These sources include:
1211 plasmaroo 1.18 - New SELinux API
1212     - Updated CK-base
1213     - Updated GRSec
1214     - Systrace
1215     - SuperFreeS/WAN 1.99.8
1216     - Propolice kernel build support
1217     - EVMS
1218     - Other various security related patches
1219 frogger 1.11
1220 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1221    
1222     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1223     Updated hardened-sources based on the 2.4.21 Linux kernel.
1224     This includes updates to most major components such as:
1225 plasmaroo 1.18 - ck-base-0306300059
1226     - selinux-2.4-2003071106
1227     - grsecurity-2.0-rc1
1228     - Updated IPTables patch-o-matic
1229     - Updated SuperFreeS/WAN
1230    
1231 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1232     updated patch set ready for the 2.4.21 based kernel.
1233    
1234 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1235     Initial import of hardened-sources-2.4.20-r4. This revision
1236     includes only a few changes, but one of these is an important
1237     security fix. It is recommended all users of hardened-sources
1238     upgrade to this release.
1239 plasmaroo 1.18
1240 frogger 1.11 - ioperm bug fix
1241     - fixed compilation failure when building without GRSec
1242 plasmaroo 1.18
1243 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1244     due to time constraints, but is planned for inclusion in the near
1245     future.
1246 msterret 1.10
1247     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1248    
1249     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1250     hardened-sources-2.4.20-r3.ebuild:
1251 plasmaroo 1.18 Add Header...
1252 frogger 1.9
1253     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1254     hardened-sources-2.4.20-r3.ebuild:
1255     Removed warnings from ebuild. This kernel should be safe to
1256     use at this point.
1257 frogger 1.8
1258     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1259    
1260     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1261     hardened-sources-2.4.20-r3.ebuild:
1262     New revision. Includes the following changes over -r2:
1263 plasmaroo 1.18
1264 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1265     - Super FreeS/WAN 1.99.7rc2
1266     - PaX for the LSM/SELinux branch
1267     - GRSecurity 2.0-pre4 (role based access control)
1268     - Systrace 1.3
1269     - EXT3 fixes
1270     - EVMS 2.0.1
1271     - GCC 3.1+ compile optimizations
1272     - ProPolice kernel build support
1273     - Hashing table security fixes
1274 frogger 1.3
1275     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1276 frogger 1.7
1277     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1278     Initial import of hardened-sources-r2. This new
1279     ebuild includes many new performance and security
1280     related patches. As in -r1, it will patch in
1281     LSM/SELinux if "selinux" is in USE, otherwise it
1282     will patch in GRSecurity. The following patches
1283     are included in this revision:
1284 plasmaroo 1.18
1285 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1286     (pulled from the base CK patch)
1287     - ptrace exploit patch for the LSM kernel
1288     (the GRSec patch already fixes this)
1289     - LSM 2.4-2003040709
1290     - SELinux 2.4-2003040709
1291     - Systrace v1.2
1292     - IPTables patch-o-matic base patches - 20030107
1293     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1294     - Super FreeS/WAN 1.99.6.1
1295     - GRSecurity 1.9.9g
1296     - MPPE
1297     - EXT3 data journal fix
1298     - CIPE 1.5.4
1299 frogger 1.6
1300     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1301     hardened-sources-2.4.20-r1.ebuild, manifest:
1302 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1303 frogger 1.5
1304     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1305     hardened-sources-2.4.20-r1.ebuild:
1306     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1307     is patched in instead. Ptrace patches for selinux have also been added. In
1308     either case, systrace support will be patched in as well.
1309 frogger 1.3
1310     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1311     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1312 plasmaroo 1.18 Revision bump for new sources.
1313 frogger 1.4
1314 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1315 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1316 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1317 method 1.1
1318 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1319    
1320 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1321     hardened-sources-2.4.20.ebuild:
1322 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20